From patchwork Wed Jul 29 00:31:03 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Stanislav Fomichev X-Patchwork-Id: 1338075 X-Patchwork-Delegate: bpf@iogearbox.net Return-Path: X-Original-To: patchwork-incoming-netdev@ozlabs.org Delivered-To: patchwork-incoming-netdev@ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=vger.kernel.org (client-ip=23.128.96.18; helo=vger.kernel.org; envelope-from=netdev-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=google.com header.i=@google.com header.a=rsa-sha256 header.s=20161025 header.b=ANjIMCDY; dkim-atps=neutral Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by ozlabs.org (Postfix) with ESMTP id 4BGZGP1skdz9sSy for ; Wed, 29 Jul 2020 10:31:09 +1000 (AEST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1730791AbgG2AbI (ORCPT ); Tue, 28 Jul 2020 20:31:08 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:44152 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1730609AbgG2AbH (ORCPT ); Tue, 28 Jul 2020 20:31:07 -0400 Received: from mail-yb1-xb49.google.com (mail-yb1-xb49.google.com [IPv6:2607:f8b0:4864:20::b49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 87E79C0619D2 for ; Tue, 28 Jul 2020 17:31:07 -0700 (PDT) Received: by mail-yb1-xb49.google.com with SMTP id t7so27393539ybk.2 for ; Tue, 28 Jul 2020 17:31:07 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:message-id:mime-version:subject:from:to:cc; bh=Z07j8LTcaioG0qCkJk70fNDVB7GWknR8AKhYdzK6Syw=; b=ANjIMCDYYRjGWoOZ9Y+SZbw2ZtJMkx1qg3zG3ScssDaPUO8rC5xdMGbfGWLZqtkJcf JlxhfVvu5+XSfM+/18wPHjDc19xe7NcQJV7zCZZ3foyqHgRRlisT7u1ugjIwkyuJKx0U +TqCHdJRMKT2+pk7oxNF5wS1ykn9RtqNJeeXiVrBqLRTSdlVK5cZ7VdGAgdjHmOa+cAu 5l99lxDxNUfqciKUJMQ1QDq7T1AKIxNvOEDIaD844ixIK4HLjhNGalUgqmbu0KCYSBs2 hCpNgRmIUiWRT3e7RRDYSOmS5dP7PEeMa9v9mtiWfamoCrMFGGoExY99Rq+cwakfroe2 BC4A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:message-id:mime-version:subject:from:to:cc; bh=Z07j8LTcaioG0qCkJk70fNDVB7GWknR8AKhYdzK6Syw=; b=Ez9goxlK6EkoHer+sds1wPYPCGtgnOgnt4a2SHmoqdoFHdZXFYvkCw3mD85wx+gb3B aJNlyO3vcT+GPCaypcIdDi8/sxXZ4jDKsph3SLbvsRvFVBMPpe9g0yFjFaHK4fiXNz/7 O6FyWUvZebudWxIQrtWINTflACY66z8MM8KGtzGd0jWzoQbv7NX+mkuQIsGcv5FepV+B ruG79psKba1R41PxBjEZOpTubnwlD/aQEQ2nBRA30qQ7DNU/wK/gNCByl6MLPFHE5PBA JqBWwuPIP1VbdeEvTwwU70Pc3ka7pox1IpZYcTjlViBZPt3Adv5VXDYYXn+cbbvgQYUG PcbA== X-Gm-Message-State: AOAM530UwVLHSAZT8FX3vYVDEFBrDigMU6r6cK9tjdN5pUNXKv7wTuXQ N1h3jV12z6gfAarKAFJi/P/3BfvbhkApSoyUHywBVCoTC0adOpLla1+KFOGEZZUvUUEHuKL/Gc0 st0oSU/hXD8YE+oHj8opYi2YsMkU+kbSgK6k7DMxOt9ZHOrJIVrnnPg== X-Google-Smtp-Source: ABdhPJyZfPHk34oocJNE5G3TAGLIFR03/Mby83zy7tckMohqxJ0NmL4uIXP80JNbfb6+sUuf6HXUFkQ= X-Received: by 2002:a25:c615:: with SMTP id k21mr43792524ybf.379.1595982666554; Tue, 28 Jul 2020 17:31:06 -0700 (PDT) Date: Tue, 28 Jul 2020 17:31:03 -0700 Message-Id: <20200729003104.1280813-1-sdf@google.com> Mime-Version: 1.0 X-Mailer: git-send-email 2.28.0.163.g6104cc2f0b6-goog Subject: [PATCH bpf-next 1/2] bpf: expose socket storage to BPF_PROG_TYPE_CGROUP_SOCK From: Stanislav Fomichev To: netdev@vger.kernel.org, bpf@vger.kernel.org Cc: davem@davemloft.net, ast@kernel.org, daniel@iogearbox.net, Stanislav Fomichev , Martin KaFai Lau Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org This lets us use socket storage from the following hooks: * BPF_CGROUP_INET_SOCK_CREATE * BPF_CGROUP_INET_SOCK_RELEASE * BPF_CGROUP_INET4_POST_BIND * BPF_CGROUP_INET6_POST_BIND Using existing 'bpf_sk_storage_get_proto' doesn't work because second argument is ARG_PTR_TO_SOCKET. Even though BPF_PROG_TYPE_CGROUP_SOCK hooks operate on 'struct bpf_sock', the verifier still considers it as a PTR_TO_CTX. That's why I'm adding another 'bpf_sk_storage_get_cg_sock_proto' definition strictly for BPF_PROG_TYPE_CGROUP_SOCK which accepts ARG_PTR_TO_CTX which is really 'struct sock' for this program type. Cc: Martin KaFai Lau Signed-off-by: Stanislav Fomichev Acked-by: Song Liu --- net/core/bpf_sk_storage.c | 10 ++++++++++ net/core/filter.c | 3 +++ 2 files changed, 13 insertions(+) diff --git a/net/core/bpf_sk_storage.c b/net/core/bpf_sk_storage.c index eafcd15e7dfd..d3377c90a291 100644 --- a/net/core/bpf_sk_storage.c +++ b/net/core/bpf_sk_storage.c @@ -944,6 +944,16 @@ const struct bpf_func_proto bpf_sk_storage_get_proto = { .arg4_type = ARG_ANYTHING, }; +const struct bpf_func_proto bpf_sk_storage_get_cg_sock_proto = { + .func = bpf_sk_storage_get, + .gpl_only = false, + .ret_type = RET_PTR_TO_MAP_VALUE_OR_NULL, + .arg1_type = ARG_CONST_MAP_PTR, + .arg2_type = ARG_PTR_TO_CTX, /* context is 'struct sock' */ + .arg3_type = ARG_PTR_TO_MAP_VALUE_OR_NULL, + .arg4_type = ARG_ANYTHING, +}; + const struct bpf_func_proto bpf_sk_storage_delete_proto = { .func = bpf_sk_storage_delete, .gpl_only = false, diff --git a/net/core/filter.c b/net/core/filter.c index 29e3455122f7..7124f0fe6974 100644 --- a/net/core/filter.c +++ b/net/core/filter.c @@ -6187,6 +6187,7 @@ bool bpf_helper_changes_pkt_data(void *func) } const struct bpf_func_proto bpf_event_output_data_proto __weak; +const struct bpf_func_proto bpf_sk_storage_get_cg_sock_proto __weak; static const struct bpf_func_proto * sock_filter_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog) @@ -6219,6 +6220,8 @@ sock_filter_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog) case BPF_FUNC_get_cgroup_classid: return &bpf_get_cgroup_classid_curr_proto; #endif + case BPF_FUNC_sk_storage_get: + return &bpf_sk_storage_get_cg_sock_proto; default: return bpf_base_func_proto(func_id); } From patchwork Wed Jul 29 00:31:04 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Stanislav Fomichev X-Patchwork-Id: 1338077 X-Patchwork-Delegate: bpf@iogearbox.net Return-Path: X-Original-To: incoming-bpf@patchwork.ozlabs.org Delivered-To: patchwork-incoming-bpf@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=vger.kernel.org (client-ip=23.128.96.18; helo=vger.kernel.org; envelope-from=bpf-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=google.com header.i=@google.com header.a=rsa-sha256 header.s=20161025 header.b=G364prxx; dkim-atps=neutral Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by ozlabs.org (Postfix) with ESMTP id 4BGZGS70W4z9sSd for ; Wed, 29 Jul 2020 10:31:12 +1000 (AEST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1730609AbgG2AbM (ORCPT ); Tue, 28 Jul 2020 20:31:12 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:44156 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1730568AbgG2AbJ (ORCPT ); Tue, 28 Jul 2020 20:31:09 -0400 Received: from mail-qt1-x849.google.com (mail-qt1-x849.google.com [IPv6:2607:f8b0:4864:20::849]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 12E4AC061794 for ; Tue, 28 Jul 2020 17:31:09 -0700 (PDT) Received: by mail-qt1-x849.google.com with SMTP id b1so7569985qto.17 for ; Tue, 28 Jul 2020 17:31:09 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=VP+hVP7N9UUwB/BEdPvwYJDuj2mx5IG1QsAyzoOD2Z8=; b=G364prxxu/zrM5aCIqvvjp++AFEMIbRTIWjaao2m0kCZsxJ1opiuwcNigCcArkX7Nh XYUI2Xt8CB52IHV1sAEPQttMYVRFAnoXQKdUzMwoT5v8K8Je9UEjyLRKYvn/MCwn5qXZ MWyiPawzpTqTiGriWjq8tAN4F37Il0ldk8iyezGY6Y0Jdf4mz3b8xzTigAbLyf+z2XgW +8kqAdJXMnoszXydaKmBvaRvFJpAIBZvZiXd04gZUTpAAwB7YmePJ2QJxFKlzc9mtMxl ogWUd9fPdAsC6ng47Qha2JTnfr++evUBJFF78+8CFX8obsyznW0/cZcuPQu/vOclkQ9u 2p9g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=VP+hVP7N9UUwB/BEdPvwYJDuj2mx5IG1QsAyzoOD2Z8=; b=sj4gPuhl8gYSlFwgDZHegKN8HatMI8rRwH0drMe2LJNteE9xg8DanRPHkziNKSTbxX Itz67dqL7zSJmbN90IP9vwaeXQK5JvdhPYHwVU10UrPncw9rGaSLx6dsnUrr08fcB0rL Tk/VkUHqGxD6dsCulyvilE+8+605KrKIpg6vFpxb061oYAyZn/aGDZj/3OU085y0zG76 pPArB0xvBTDzS74vehA9ptXJOmp8wbyBlIZaCfKE0qIWzefhsTHDWHeWW+7QRGNF1FMX +n0A2X96jOYal54/Hff3cu+FzAhacSJNkKkh/tiuzNhxa9cxAatzxmzr7ZQiWz9CqpF1 kcYw== X-Gm-Message-State: AOAM530bTjRdil0L/DSp1u0fqgk4rhrxvRfsYIxI6zpg4j4Ce6ZvUNsJ 9NtNY7TZIi3tAeztoFHXgif851w= X-Google-Smtp-Source: ABdhPJzV4vkPQLAySDlf1UA0dz/tux3nz3mC6/r1qDLtZPF6vx/pcrf16zqk6y/PVfsPXRlDsO+VOtQ= X-Received: by 2002:ad4:49a1:: with SMTP id u1mr11985218qvx.245.1595982668251; Tue, 28 Jul 2020 17:31:08 -0700 (PDT) Date: Tue, 28 Jul 2020 17:31:04 -0700 In-Reply-To: <20200729003104.1280813-1-sdf@google.com> Message-Id: <20200729003104.1280813-2-sdf@google.com> Mime-Version: 1.0 References: <20200729003104.1280813-1-sdf@google.com> X-Mailer: git-send-email 2.28.0.163.g6104cc2f0b6-goog Subject: [PATCH bpf-next 2/2] selftests/bpf: verify socket storage in cgroup/sock_{create, release} From: Stanislav Fomichev To: netdev@vger.kernel.org, bpf@vger.kernel.org Cc: davem@davemloft.net, ast@kernel.org, daniel@iogearbox.net, Stanislav Fomichev , Martin KaFai Lau Sender: bpf-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: bpf@vger.kernel.org Augment udp_limit test to set and verify socket storage value. That should be enough to exercise the changes from the previous patch. Cc: Martin KaFai Lau Signed-off-by: Stanislav Fomichev Acked-by: Song Liu --- tools/testing/selftests/bpf/progs/udp_limit.c | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/tools/testing/selftests/bpf/progs/udp_limit.c b/tools/testing/selftests/bpf/progs/udp_limit.c index 8429b22525a7..165e3c2dd9a3 100644 --- a/tools/testing/selftests/bpf/progs/udp_limit.c +++ b/tools/testing/selftests/bpf/progs/udp_limit.c @@ -6,14 +6,28 @@ int invocations = 0, in_use = 0; +struct { + __uint(type, BPF_MAP_TYPE_SK_STORAGE); + __uint(map_flags, BPF_F_NO_PREALLOC); + __type(key, int); + __type(value, int); +} sk_map SEC(".maps"); + SEC("cgroup/sock_create") int sock(struct bpf_sock *ctx) { + int *sk_storage; __u32 key; if (ctx->type != SOCK_DGRAM) return 1; + sk_storage = bpf_sk_storage_get(&sk_map, ctx, 0, + BPF_SK_STORAGE_GET_F_CREATE); + if (!sk_storage) + return 0; + *sk_storage = 0xdeadbeef; + __sync_fetch_and_add(&invocations, 1); if (in_use > 0) { @@ -31,11 +45,16 @@ int sock(struct bpf_sock *ctx) SEC("cgroup/sock_release") int sock_release(struct bpf_sock *ctx) { + int *sk_storage; __u32 key; if (ctx->type != SOCK_DGRAM) return 1; + sk_storage = bpf_sk_storage_get(&sk_map, ctx, 0, 0); + if (!sk_storage || *sk_storage != 0xdeadbeef) + return 0; + __sync_fetch_and_add(&invocations, 1); __sync_fetch_and_add(&in_use, -1); return 1;